threading on the internet can be riskless - fujitsu fac2017track1...presenter date threading on the...
TRANSCRIPT
Presenter Date
Threading on the Internet can be Riskless
Sean Lim
Senior Systems Engineer
2nd Nov 2017
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Expanded Surface: Data Protection & Compliance
Regional
Office
Roaming
Users Personal Devices
Security Stack
WEB & SHADOW IT
SaaS APPS
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Regional
Office
Roaming
Users
SSL Encryption
IOT Devices Personal Devices
SSL Encryption
Security Stack
SSL Encryption WEB & SHADOW IT
SaaS APPS
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Regional
Office
Roaming
Users Personal Devices
Security Stack
WEB & SHADOW IT
SaaS APPS
...With the capability, reliability, performance of on-prem security systems
Protect my users from ubiquitous threats?
Secure data & comply with legal regulations?
Effectively manage new devices and mobile users?
How Do I Move to Cloud Security To…
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Symantec Web Security Service
Headquarters Data Center
IOT Devices Personal Devices
Take Remote Sites Safely “Direct to Net”
Symantec Web Security Service (WSS)
Threat Protection, Information Security, & Access Governance
For Remote Sites, Mobile Users, & Data Centers
Assure a Safe & Simple Migration to Cloud
Regional Office
Extend Web & Cloud Governance to Mobile
Configure Universal Policy For True Hybrid
PROXY PROXY
Roaming Users
WEB & SHADOW IT
SaaS APPS
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Cloud-delivered ProxySG Secure Web Gateway
Set granular policies to control web usage
Cloud-only or mixed model (cloud & HW)
Market-leading enterprise-class feature set Symantec Web
Security Service
Malware Scanning & Analysis
Information Protection
CASB
Unified Management
(Cloud & Premise)
Symantec Web Security Service
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
SSAE16 ISO 27001
Symantec Global Cloud
• Any customer / any data center
• Standard 99.999% availability SLA
• Automatic closest data center selection
• >50% capacity utilization expansion trigger
• Hosted at top tier infrastructure providers
• Redundant within and between locations
• >55 service points https://www.symantec.com/products/web-and-cloud-security/cloud-delivered-web-security-services/resources
Symantec Cloud Services Footprint
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
9 global threat response centers
3,800 researchers &
engineers 3.7 Trillion
lines of telemetry
430 million new unique malware
files discovered
182M new web
attacks blocked
100M social engineering
scams blocked
20,000+ cloud apps cataloged
& profiled
WWW 163M
Protected Email Users 2 Billion emails scanned per day
4.5 Billion new queries processed
daily
175M Protected Endpoints 1 Billion
previously unseen daily web requests
80M Web Proxy Users
15,000 Largest Global Enterprises
Correlated
Data
Correlated
Data
Correlated
Data CORRELATION ACROSS VECTORS
Last
Year
Global Intelligence Network
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
Simplified Governance & Accelerated User Experience WSS: Optimized for Office 365
TCP Window
Wider Transfer Windows Increased Bandwidth Throughput Fewer Round Trips & Reduced Latency
Fewer “Hops” Faster Path Lower Latency
Simplify Powerful Proxy Policy for O365 Automate Classification of Office 365 Application Traffic Synchronize Rapidly Changing O365 IP’s and URLs with MSFT
Simplify Governance
Accelerate User Experience Optimize Content Delivery with Content Peering
Accelerate Connections with TCP Window Scaling
Application-level QoS
Quality of Service
End Use
r
WSS 4
2
3
Content Provider
9
6
5 1 7 W
ITH
OU
T P
EER
ING
8
WIT
H P
EER
ING
End Use
r
2
Content Providers
1
WSS 4
3
10 Copyright © 2017 Symantec Corporation
The Threat of the Unknown Web
• URL filtering and risk level are VERY effective in
identifying known good and known bad domains
Source: Bluecoat
Known Bad Known Good
• But what about unknown, uncategorized or
potentially risky domains? o Many are legitimate, but some offer ideal cover for
hackers launching attacks
o 71% of all host names exist for 24 hours or less
o Millions of new sites created every day
• Security teams either: o Block access at the expense of business productivity
or
o Incur risk by enabling wider access
Unknown
U
N
C
A
T
E
G
O
R
I
Z
E
D
R
I
S
K
Y
11 Copyright © 2017 Symantec Corporation
Web Isolation Architecture
User
User gestures
Transparent
Clientless
Rendering
100% safe
visual stream
Web
Documents
Threat Isolation Platform
Secure Disposable Container
Render Execute Download
• Execute and render web sessions remotely
• Isolate both web and email, including attachments
12 Copyright © 2017 Symantec Corporation
Anatomy of a Web Page Why web browsing is such a massive attack
surface How Fireglass eliminates the web attack surface
13 Copyright © 2017 Symantec Corporation
Eliminating the Internet as a Source of Risk
14 Copyright © 2017 Symantec Corporation
Web access policy: • Always allow certain
categories/sites • Always block certain
categories/sites • Key Issue – Middle
Ground o Over-block – creates
user issues o Under-block –
Increased risk of malware
Problem: Over-blocking the “Middle Ground” sites
15 Copyright © 2017 Symantec Corporation
Web access policy: • Always allow certain
categories/sites • Always block certain
categories/sites • Middle ground
categories/sites get isolated o Expanded access
with no malware risk
Stop Over-blocking Web Isolation With Proxy Using Website Categories
16 Copyright © 2017 Symantec Corporation
Stop Over-blocking Web Isolation With Proxy Using Categories (With Risk Levels: BCIS-Advanced)
Web access policy: • Allow certain categories
and low risk sites • Block certain categories
and riskiest sites • Middle ground
categories & potentially risky sites get isolated o Expanded access
with no malware risk
Thank You!